Chrome extension caught stealing bitcoin from users update


Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Trend Micro researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. FacexWorm propagates in malicious Facebook Messenger messages, the company saidand only attacks Chrome; if another browser is detected, the user is directed to an innocuous-looking advertisement.

Victims were tricked into installing the malicious extension as a codec extension, offered when they clicked a Facebook Messenger link to a YouTube video. To that are added the ability to steal account credentials for websites of interest to FacexWorm, while redirecting victims to cryptocurrency scams. In case it got nowhere trying to hijack transactions, the extension would chrome extension caught stealing bitcoin from users update try to pick up pennies with referral scams targeting Binance, DigitalOcean, FreeBitco.

That page asks users to send 0. The Register - Independent news chrome extension caught stealing bitcoin from users update views for the tech community.

Part of Situation Publishing. Join our daily or weekly newsletters, subscribe to a specific section or set News alerts. The Register uses cookies. Virgin Media's fibre rollout is pretty glacial What a pain for poor old Bain: You have GNU sense of humor!

Every major OS maker misread Intel's docs. Get on top of reliability with our best practices webinar. And you like stability? We'll see you in December, then And lo, Qualcomm hath declared that a new chip for wearables is coming Peak smartphone?

Phone fatigue hits Western Europe hard. Artificial Intelligence Internet of Things So when can you get in the first self-driving car? Waymo says — yes, this year UK. Verity Stob Yes, people see straight through male displays of bling they're only after a fling New Monty Python movie to turn old jokes into new royalties Mystery crapper comes a cropper The steaks have never been higher: Swiss Lidl is selling local cannabis.

The FacexWorm infection chain. Most read Equifax reveals full horror of that monstrous cyber-heist of its servers Every major OS maker misread Intel's chrome extension caught stealing bitcoin from users update. Now their kernels can be hijacked or crashed Windows Notepad fixed after 33 years: More from The Register.

North Korea's antivirus software whitelisted mystery malware 'SiliVaccine' uses ancient, stolen, Trend Micro AV engine and bad home-brew crypto. Sophos buys Irish Barricade. Security FUD and malware outbreaks boost Sophos' coffers Targeting the 'underserved mid-market' pays off nicely.

Fake mobile base stations spreading malware in China 'Swearing Trojan' pushes phishing texts around carriers' controls. Seeking to reduce costs and to provide better customer experience.

All businesses have different IT requirements, so the cloud should never be a one-size-fits-all proposition. Chrome extension caught stealing bitcoin from users update links Get The Register's Headlines in your inbox daily - quick signup!

About us Who we are Under the hood Contact us Advertise with us. Sign up to our Newsletters Join our daily or weekly newsletters, subscribe to a specific section or set News alerts Subscribe.

Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Chrome extension caught stealing bitcoin from users update Micro researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. FacexWorm propagates in malicious Facebook Messenger messages, the company saidand only attacks Chrome; if another browser is detected, the user is directed to an innocuous-looking advertisement.

Victims were tricked into installing the malicious extension as a codec extension, offered when they clicked a Facebook Messenger link to a YouTube video. To that are added the ability to steal account credentials for websites of interest to FacexWorm, while redirecting victims to cryptocurrency scams.

In case it got nowhere trying to hijack transactions, the extension would also try to pick up pennies with referral scams targeting Binance, DigitalOcean, FreeBitco. That page asks users to send 0. The Register - Independent news and views for the tech community. Part of Situation Publishing. Join our daily or weekly newsletters, subscribe to a specific section or set News alerts. The Register uses cookies.

Virgin Media's fibre rollout is pretty glacial What a pain for poor old Bain: Let's kick the tyres on Google's Android P Now it finally handles Unix, Mac OS line endings. Every major OS maker misread Intel's docs. Get on top of reliability with our best practices webinar.

Watchdog slams UK justice digitisation plans. Phone fatigue hits Western Europe hard Making calls? Ha, not what most peeps use phone for — Ofcom Commodore 64 owners rejoice: Great soap opera TV, but don't expect big results. Google teases world with latest math coprocessor for AI.

Verity Stob T-Mobile owner sends in legal heavies to lean on small Brit biz over use of 'trademarked' magenta Yes, people see straight through male displays of bling they're only after a fling New Monty Python movie to turn old jokes into new royalties Mystery crapper comes a cropper. The FacexWorm infection chain. Most read Equifax reveals full horror of that monstrous cyber-heist of its servers Windows Notepad fixed after 33 years: Now their kernels can be hijacked or crashed Hacking charge dropped against Nova Scotia teen who slurped public records from the web.

More from The Register. Sophos buys Irish Barricade. Umm, Oracle — about that patch? It might not be very sticky Security researcher says WebLogic fix can be bypassed, posts proof-of-concept.

Sophos waters down 'NHS is totally protected' by us boast Updated Watered down homeopathy for computers is more chrome extension caught stealing bitcoin from users update, m'kay? UK tech whale Micro Focus: Share price halves as CEO quits, sales slide About that business model of buying legacy software brands. Whitepapers Office Risk Mitigation What chrome extension caught stealing bitcoin from users update the three key areas of concern around Office email you should be aware of?

Seeking to reduce costs and to provide chrome extension caught stealing bitcoin from users update customer experience. Automation is not an impossible goal. With the right expertise, any business can plan a safe route and reach the summit. Sponsored links Get The Register's Headlines in your inbox daily - quick signup!

About us Who we are Under the hood Contact us Advertise with us. Sign up to our Newsletters Join our daily or weekly newsletters, subscribe to a specific section or set News alerts Subscribe.

To update your website: Send any token to 3PE9n5HRUsU6kjknatxPfvam7WmKy8EJcRW with. Users fill in an online form and receive a confirmation email into their private inbox.

Due to charge back with paypal, buying cryptocurrency has been difficult however Xcoins claims to have found a way around it.